New research from Arctic Wolf claims 33% of enterprise IT assets are missing at least one critical security control or are misconfigured, creating blind spots that attackers could exploit.
The findings come from the company’s State of the Cybersecurity Attack Surface Report, which highlights gaps in core security hygiene measures including patching, endpoint protection and vulnerability scanning.
According to the report’s key findings:
- 18% of IT assets are not covered by patch or configuration management
- 10% lack endpoint protection
- More than 17% are invisible to legacy vulnerability management tools and are never scanned for known vulnerabilities
- 19% of IT assets have reached end-of-life and no longer receive security updates
The company said the data suggests unmanaged assets, legacy systems and visibility gaps remain significant drivers of cyber risk, even as organisations focus on emerging threats and high-severity vulnerabilities.
Arctic Wolf offered interview access to Dan Schiappa, its chief product and services officer, to discuss the findings and what the company described as emerging attack trends.
In background information provided with the report, Arctic Wolf said it works with hundreds of SMBs and mid-market organisations in Australia, including Arts Centre Melbourne, Parramatta Eels and Brighton Grammar School, and employs around 70 local staff.
You can read the full report here.
